Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-3758

Good to know:

icon

Date: April 18, 2024

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

Language: C

Severity Score

Related Resources (14)

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/
https://access.redhat.com/errata/RHSA-2024:2571
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/
https://access.redhat.com/errata/RHSA-2024:1919
https://nvd.nist.gov/vuln/detail/CVE-2023-3758
https://access.redhat.com/errata/RHSA-2024:1922
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/
https://access.redhat.com/security/cve/CVE-2023-3758
https://github.com/SSSD/sssd/pull/7302
https://security-tracker.debian.org/tracker/CVE-2023-3758
https://bugzilla.redhat.com/show_bug.cgi?id=2223762
https://access.redhat.com/errata/RHSA-2024:1921
https://access.redhat.com/errata/RHSA-2024:1920
https://www.mend.io/vulnerability-database/CVE-2023-3758

Severity Score

Weakness Type (CWE)

Improper Authorization

CWE-285

Top Fix

icon

Upgrade Version

Upgrade to version e1bfbc2493c4194988acc3b2413df3dde0735ae3

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): ADJACENT_NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us